Amazon Key: Revolutionising Secure Access for Global Deliveries

Amazon Key enables secure, on-demand access for delivery associates to gated residential and commercial properties worldwide. By combining cellular-enabled hardware with a scalable, containerised backend, it ensures reliable, low-latency unlocks. Supporting over 100 million annual access events across multiple countries, Amazon Key improves delivery success rates, reduces defects, and integrates third-party partners while maintaining strict security and operational resilience.

Amazon faces a common challenge in last-mile deliveries, delivery associates frequently encounter access-controlled residential and commercial properties, including gated communities, that prevent timely package drop-offs.

In 2018, Amazon faced a significant logistical hurdle: delivery associates frequently encountered locked gates and restricted access points, leading to failed deliveries and frustrated customers. The problem was particularly acute in gated communities and apartment buildings, where outdated access control systems were not designed for modern logistics.

To bridge this gap, Amazon launched Amazon Key, a system that enables verified delivery personnel to securely unlock gates and doors, only when needed and for the duration required to complete a delivery. Today, the system facilitates over 100 million unlocks annually across 10+ countries, handling five unlocks every second.

The origins: From parking solution to delivery enabler

The concept of Amazon Key originated in 2016 when Kaushik Mani, now Director at Amazon, noticed underutilised parking spaces in Seattle apartment buildings. His initial idea, a cloud-connected universal key for garage doors, later evolved into Amazon Key. However, building owners were hesitant to grant access to unauthorised users, prompting a pivot to focus exclusively on last-mile deliveries.

By 2018, Amazon Key was operational, initially targeting just 100 buildings. The system quickly proved its value, reducing delivery defects and improving first-attempt success rates. As Kaushik Mani explains: "It takes $5 to build the solution, but $95 to make it secure."

This statement underscores the complexity of scaling a secure, global access system.

Early architecture: A serverless approach

Amazon’s initial solution was pragmatic:

• Hardware: A compact, Ethernet-connected device wired into existing access control systems.
• AWS IoT: Facilitated secure communication between devices and the cloud.
• Lambda (Java): Processed unlock requests from delivery associates via the Amazon Flex App.
• DynamoDB: Stored device metadata and access permissions.

While functional, this setup faced challenges as adoption grew:

• Installation Constraints: Many buildings lacked Ethernet connectivity, requiring cellular alternatives.
• Java Cold Starts: Increased latency, affecting real-time unlocks.
• Lack of Feedback: Delivery associates had no visibility into whether unlocks succeeded.

Scaling up: Cellular connectivity and containerisation

To address these limitations, Amazon Key underwent a major architectural overhaul:

1. Transition to Cellular Hardware

The team introduced a multi-carrier cellular device, eliminating dependency on building infrastructure. This ensured reliable connectivity across 70+ countries, with automatic failover if one network failed.

2. Moving from Lambda to ECS Fargate

Lambda’s cold starts and unpredictable performance made it unsuitable for global scaling. The shift to ECS Fargate provided:

• Persistent connections for real-time unlocks.
• Fine-grained CPU/memory control for optimised performance.
• Cost efficiency compared to EC2, without operational overhead.

As Vijay Nagarajan, Engineering Leader at Amazon Key, explains: "Fargate gave us the control and performance of EC2, without the ops overhead of managing VMs."

3. Intelligent Connection Manager (ICM)

To handle fluctuating cellular performance, Amazon Key introduced ICM, which:

• Monitors device health via EventBridge and Redshift.
• Automates remediation (e.g., rebooting devices or switching carriers).
• Reduces manual intervention, ensuring high availability during delivery windows.

A modular, microservices-based system

The revamped architecture adopted a service-oriented approach, with key components including:

• Provisioning App: Simplifies device installation and onboarding.
• Key Gateway Service: Routes region-specific traffic for international expansion.
• Access Management Service: Manages gate-to-device relationships.
• Device Management Service: Streams performance metrics to Redshift.
• OTA Management Service: Enables firmware updates across device fleets.

Expanding beyond Amazon

In 2023, Amazon Key extended its platform to third-party providers like Grubhub via the Partner Gateway Service, which:

• Onboards external delivery partners securely.
• Uses mutual TLS (mTLS) for authentication.
• Isolates third-party traffic to protect core services.

Security and access control

Amazon Key employs distinct authentication models:

• For Amazon deliveries: Short-lived tokens issued via the Flex App.
• For third parties: mTLS-based authentication with time-bound access.

Vijay Nagarajan highlights: “Access is controlled through a time-bound token issued when the driver arrives. The token is extended at 30-second intervals during the delivery window.”

Key learnings from Amazon key’s journey

• Evolve with Scale: Start simple, but adapt as demands grow.
• Measure Operational Metrics: Focus on availability during delivery hours, not just uptime.
• Standardise for Speed: Consistent tooling (Java, IaC) accelerates development.
• Design for Real-World Conditions: Cellular reliability varies—plan accordingly.
• Leverage Data-Driven Insights: Centralised analytics enable proactive improvements.

As Vijay Nagarajan reflects: "We could have accelerated the learning phase by prioritising device telemetry earlier. But we are evolving in the right direction."

Amazon Key is a mission-critical system, ensuring seamless access for deliveries worldwide. By combining hardware innovation, cloud-native architecture, and rigorous security, Amazon has transformed a logistical bottleneck into a scalable, global platform, proving that even the most entrenched challenges can be solved with the right approach.

Note: This article was created in collaboration with the Amazon Key engineering team. Special thanks to Kaushik Mani (Director at Amazon) and Vijay Nagarajan (Engineering Leader) for providing insights into the system’s architecture and the challenges encountered during its development. All technical details and diagrams featured in this article are credited to the Amazon Key Engineering Team.